Perl scripts send log messages to Twitter

My Password's Gone!

If you are conscious of security, you've probably noticed that the code includes the password needed by the script to sign on to the Twitter service. The ssl option avoids sending the password in the clear; instead, the Perl Net::Twitter module communicates with Twitter's HTTPS URLs. But with applications popping out of the ground like mushrooms, the question is: How you can avoid disclosing your password to third parties? Imagine if just one weak link in the chain were to reveal your password – time to panic.

A recent addition by Twitter, OAuth, solves this problem. This open protocol gives various applications privileges for a user account. Instead of forwarding your username and password to various providers and hoping that nobody exploits your generosity, OAuth assigns every application a unique token. The token can be revoked at any time without affecting other providers who are using separate tokens.

The Perl Net::Twitter module supports OAuth; however, Twitter insists that you register the application [3] before it gives you the Token Consumer Key and Consumer Secret. That's the theory, anyway, if the service is working – which it was not when I was writing this article.

Logging with Twitter

Listing 2 demonstrates another application for the Twitter API: a Perl module that you can embed in other Perl processes to send messages to Twitter – the twit() function. In typical Perl fashion, the function accepts either a message in the form of a string or a reference to a hash with a message field. A second parameter, home, points to the user's home directory, just in case the root user is running the program (e.g., from a backup script). Twitsend.pm hopes to find a YAML configuration file in the home directory named .twitsend that contains the password for the Twitter account. In this way, the password is in just one place and not in multiple scripts.

On My Balcony

My Perl-controlled irrigation system [4] has provided an invaluable and reliable service to the plants on my balcony for more than two years now. However, I do like to keep an eye on what it's doing while I'm away, so why not Twitter the pump activity so that I can check it from any Internet cafe or via my mobile phone?

After just five minutes, I was able to interface the TwitSend.pm module with the water script for the plant irrigation apparatus I described previously [4]. Then I called the twit() function with a message string and the path to a directory containing a YAML file with the account password for the perlsnapshot Twitter account.

The implementation is shown in the twitsend sample script (Listing 3), which posts the results to Twitter, as shown in Figure 3. The irrigation duration for the plants on a warm day in August took 60 seconds, and the backup on my development system completed at 11:49am. For the latest updates, feel free to check twitter.com/perlsnapshot.

This approach is similar to that used recently by my fellow columnist, Charly Kühnast, with the ttytter client [5]. Today's script only needs a .twitsend YAML file in the home directory (e.g., /home/mike), with permissions of 0500, to ensure that the file is only readable and writable by the account owner. It contains a single password: line, which defines the Twitter password (Figure 4).

Figure 4: The TwitSend.pm configuration file, .twitsend, which sets the user password for the Twitter account.

If you feel like using the free service on identi.ca instead, uncomment the identica directive in line 46 of the TwitSend.pm module. This directive points scripts to the free identi.ca clone rather than Twitter.

Also note that Twitter will silently ignore identical messages. A cron job that sends out a "Backup finished" message every day will not do the trick, but adding a timestamp will.

If other processes tweet on separate service accounts, you can then use your personal account to follow all or some of them. When you get back from vacation, all it takes is an unfollow on the Twitter website to unhitch the log from the message stream supplied by your friends.

The API, which is accessible via Net::Twitter, also lets you delete tweets; perform administrative functions such as follow(), unfollow(), or block(); send private messages; tap into the public message stream; and do many other things. Twitter restricts access to 100 access attempts per hour and monitors both IPs and accounts.